Hi all,
I have set up the AIX LDAP client on AIX 5.3.9 and it's working fine, using the descriptions in the Redbook for implementing LDAP in a heterogenous environment.
I added SSL encryption to the LDAP client demon's config and created a key-db and imported a signed certificate from our CA.
When I use ldapsearch with SSL and watch the traffic with tcpdump, everything is encrypted as it is supposed to be.
When issuing lsldap, the traffic is encrypted too.
When I try to login with an LDAP-only account, I can get on the system without problem, but the traffic is not encrypted at all. I can see in the tcpdump output everything uncrypted.
I tried a lot of different settings, but without success. Here is my current ldap.cfg:
Code:
serverschematype:rfc2307
ldapservers:10.10.10.10
binddn:cn=admin,o=services
bindpwd:{DESv2}somethingcryptedhere
authtype:ldap_auth
searchmode:OS
useSSL:yes
ldapsslport:636
ldapsslkeyf:/etc/security/ldap/key.kdb
ldapsslkeypwd:{DESv2}somethingcryptedhere
userclasses:posixaccount,account,shadowaccount
groupclasses:posixgroup
userattrmappath:/etc/security/ldap/2307user.map
groupattrmappath:/etc/security/ldap/2307group.map
userbasedn:ou=users,o=company,c=de
groupbasedn:ou=users,o=company,c=de
defaultentrylocation:LDAP
I can't see what I am missing or having setup wrong. I checked many sites about the topic but they all don't give more information than the Redbook already. Thanks a lot for any hint.
